package com.javaweb.util.core;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Date;
import java.util.UUID;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/**
 * JAVA双因素认证2FA
 * TC=floor((unixtime(now)−unixtime(T0))/TS)
 * TC=floor(unixtime(now)/30)
 * TOTP=HASH(SecretKey,TC)
 */
public class TwoFAUtil {
	
	public static void main(String[] args) {
		Pattern pattern = Pattern.compile("\\d");
		String key = UUID.randomUUID().toString().replace("-", "");//秘钥（生成策略一般是32位随机字符串）
		for (int i = 0; i < 70; i++) {
			String TC = String.valueOf((int) Math.floor(new Date().getTime() / 1000 / 30));//时间算法，30表示30秒刷新一次
			String TOTP = sha1(TC + key);
			//System.out.println(TOTP);
			Matcher matcher = pattern.matcher(TOTP);
			String result = "";
			while (matcher.find()) {
				result += matcher.group();
			}
			result = result.substring(result.length() - 6);
			System.out.println(i + "  --  " + result);
			try {
				Thread.sleep(1000);
			} catch (InterruptedException e) {
				e.printStackTrace();
			}
		}
	}

	public static final char[] HEX_DIGITS = "0123456789abcdef".toCharArray();

	public static String sha1(String srcStr) {
		return hash("SHA-1", srcStr);
	}

	public static String hash(String algorithm, String srcStr) {
		try {
			MessageDigest messageDigest = MessageDigest.getInstance(algorithm);
			byte[] bytes = messageDigest.digest(srcStr.getBytes(StandardCharsets.UTF_8));
			return toHex(bytes);
		} catch (Exception e) {
			throw new RuntimeException(e);
		}
	}

	public static String toHex(byte[] bytes) {
		StringBuilder ret = new StringBuilder(bytes.length * 2);
		for (int i = 0; i < bytes.length; i++) {
			ret.append(HEX_DIGITS[(bytes[i] >> 4) & 0x0f]);
			ret.append(HEX_DIGITS[bytes[i] & 0x0f]);
		}
		return ret.toString();
	}
	
}
